Wednesday, 5 October 2011

Massive privacy issue with new Norway law to tackle copyright infringement

Norway slashes data protection rights in the name of copyright, also introduces web blocking in proposed law

Norway submitted a draft law to the EC yesterday which would allow the Norwegian Media Authority to order ISPs to block websites "where, material is being made available to a great extent, evidently infringing copyright or other rights in accordance to this Act."

The draft text also introduces a mechanism whereby rights holders can force ISPs to unmask the identity of those alleged to be involved in copyright infringement, although this process will require a decision from the district court and sounds remarkably like a Norwich Pharmacal Order (NPO) used in the UK to unmask those behind alleged infringement - and lead, ultimately, to the names and addresses of thousands of alleged file sharers to appear online, together with the title of the adult films they were alleged to have downloaded.

The account holder will be notified of the unmasking order, but only one month after the ISP has handed over the personal details.

Two things here are extremely worrying. Web blocking, of course - but I've already covered the issues in great detail.

More worrying is the attempt to exempt those investigating copyright infringement from obtaining a license under the country's Data Protection Act. As the ACS:Law data breach I mentioned above went to show - those involved in investigating copyright infringement often process sensitive personal information when e.g. it relates to adult films.

Just the title of a film can throw questions over a person's sexuality, and such questions can damage relationships. And we're only talking about mere allegations, made by those representing the rights holders, against an IP address. Whether a worried partner would understand the not inconsiderable risk that a computer in the house had been infected with malware and used as part of a file sharing network is still to be determined.

Those investigating others should be subject to more oversight over their handling of personal data, not less.

The draft law hit Brussels this morning as part of the 3-month EC notification procedure required for most "technical regulations". If Norway is anything like the UK, the law wouldn't be sent to the EC until it had been agreed by the government at cabinet level.

1 comment:

How is it that these traditionally neutral and self-sustaining Scandinavian and other Nordic countries are starting to accede to the demands of American private industry interests, to the detriment of their own citizens privacy and liberty? I think with Sweden it was shown via a diplomatic cable leak to be sustained political pressure from the MPAA exerted via the US state dept. and onto the American embassy in Sweden. And were suddenly seeing the same pattern of legislation in many countries in the West now, at all around the same time. The UK already has the shocking DEAct in place. France has hadopi. New Zealand. Australia is next. Are we to believe its just coincidence that many different legislatures are passing these cookie cutter laws at the same time. Whats REALLY going on here?